[test suite] Added Rijndael+HMAC command execution test
authorMichael Rash <mbr@cipherdyne.org>
Thu, 13 Mar 2014 03:56:12 +0000 (23:56 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Thu, 13 Mar 2014 23:40:47 +0000 (19:40 -0400)
ChangeLog
Makefile.am
test/conf/hmac_cmd_access.conf [new file with mode: 0644]
test/test-fwknop.pl
test/tests/rijndael_hmac_cmd_exec.pl [new file with mode: 0644]

index 8f658fb..64d4c51 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,7 @@ fwknop-2.6.1 (//2014):
       header which references both the AUTHORS and CREDITS files.  The
       specific language in this header was created by the Debian legal team at
       the request of Franck Joncourt.
+    - [test suite] Added Rijndael+HMAC command execution test.
 
 fwknop-2.6.0 (01/12/2014):
     - (Radostan Riedel) Added an AppArmor policy for fwknopd that is known to
index 9b3ae5d..24ebb3d 100644 (file)
@@ -165,6 +165,7 @@ EXTRA_DIST = \
     test/conf/no_flush_exit_fwknopd.conf \
     test/conf/no_flush_init_or_exit_fwknopd.conf \
     test/conf/hmac_access.conf \
+    test/conf/hmac_cmd_access.conf \
     test/conf/hmac_get_key_access.conf \
     test/conf/hmac_no_b64_access.conf \
     test/conf/hmac_equal_keys_access.conf \
@@ -295,6 +296,7 @@ EXTRA_DIST = \
     test/tests/code_structure.pl \
     test/tests/basic_operations.pl \
     test/tests/rijndael_hmac.pl \
+    test/tests/rijndael_hmac_cmd_exec.pl \
     test/tests/rijndael_backwards_compatibility.pl \
     test/tests/os_compatibility.pl \
     test/tests/gpg_hmac.pl \
diff --git a/test/conf/hmac_cmd_access.conf b/test/conf/hmac_cmd_access.conf
new file mode 100644 (file)
index 0000000..4c95e79
--- /dev/null
@@ -0,0 +1,5 @@
+SOURCE                  ANY
+KEY_BASE64              wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
+HMAC_KEY_BASE64         Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
+ENABLE_CMD_EXEC         Y
+FW_ACCESS_TIMEOUT       3
index 5047f99..c0c4920 100755 (executable)
@@ -43,6 +43,7 @@ our %cf = (
     'def_access'                   => "$conf_dir/default_access.conf",
     'portrange_filter'             => "$conf_dir/portrange_fwknopd.conf",
     'hmac_access'                  => "$conf_dir/hmac_access.conf",
+    'hmac_cmd_access'              => "$conf_dir/hmac_cmd_access.conf",
     'hmac_get_key_access'          => "$conf_dir/hmac_get_key_access.conf",
     'hmac_equal_keys_access'       => "$conf_dir/hmac_equal_keys_access.conf",
     'hmac_no_b64_access'           => "$conf_dir/hmac_no_b64_access.conf",
@@ -216,6 +217,7 @@ my @test_files = (
     "$tests_dir/basic_operations.pl",
     "$tests_dir/rijndael.pl",
     "$tests_dir/rijndael_cmd_exec.pl",
+    "$tests_dir/rijndael_hmac_cmd_exec.pl",
     "$tests_dir/rijndael_replay_attacks.pl",
     "$tests_dir/rijndael_fuzzing.pl",
     "$tests_dir/rijndael_backwards_compatibility.pl",
@@ -238,6 +240,7 @@ our @code_structure_errstr   = ();  ### from tests/code_structure.pl (may includ
 our @basic_operations        = ();  ### from tests/basic_operations.pl
 our @rijndael                = ();  ### from tests/rijndael.pl
 our @rijndael_cmd_exec       = ();  ### from tests/rijndael_cmd_exec.pl
+our @rijndael_hmac_cmd_exec  = ();  ### from tests/rijndael_hmac_cmd_exec.pl
 our @rijndael_replay_attacks = ();  ### from tests/rijndael_replay_attacks.pl
 our @rijndael_hmac           = ();  ### from tests/rijndael_hmac.pl
 our @rijndael_fuzzing        = ();  ### from tests/rijndael_fuzzing.pl
@@ -564,6 +567,7 @@ my @tests = (
     @basic_operations,
     @rijndael,
     @rijndael_cmd_exec,
+    @rijndael_hmac_cmd_exec,
     @rijndael_replay_attacks,
     @rijndael_backwards_compatibility,
     @rijndael_fuzzing,
@@ -3803,6 +3807,8 @@ sub get_mod_paths() {
 sub spa_cmd_exec_cycle() {
     my $test_hr = shift;
 
+    unlink $cmd_exec_test_file if -e $cmd_exec_test_file;
+
     my $rv = &spa_cycle($test_hr);
 
     if (-e $cmd_exec_test_file) {
diff --git a/test/tests/rijndael_hmac_cmd_exec.pl b/test/tests/rijndael_hmac_cmd_exec.pl
new file mode 100644 (file)
index 0000000..38f6766
--- /dev/null
@@ -0,0 +1,18 @@
+
+### need to add a lot more tests to this
+
+@rijndael_hmac_cmd_exec = (
+    ### command execution tests
+    {
+        'category' => 'Rijndael+HMAC',
+        'subcategory' => 'client+server',
+        'detail'   => 'command execution',
+        'function' => \&spa_cmd_exec_cycle,
+        'cmdline'  => qq|$fwknopCmd --server-cmd "echo fwknoptest > $cmd_exec_test_file" | .
+            "-a $fake_ip -D $loopback_ip --rc-file $cf{'rc_hmac_b64_key'} ".
+            "$verbose_str",
+        'fwknopd_cmdline'  => "$fwknopdCmd -c $cf{'def'} -a $cf{'hmac_cmd_access'} " .
+            "-d $default_digest_file -p $default_pid_file $intf_str",
+        'fw_rule_created' => $REQUIRE_NO_NEW_RULE,
+    },
+);